Free Privacy Policy Generators Compared

# BrewNotes Privacy Policy

**Effective Date:** [Effective Date]
**Last Updated:** [Last Updated Date]

## Introduction

Welcome to BrewNotes ("we," "us," or "our"). BrewNotes operates the web application available at [brewnotes.app](https://brewnotes.app) (the "Service"), where coffee enthusiasts can log and share tasting notes.

This Privacy Policy explains what information we collect, how we use it, and the rights you have over your personal data. We are committed to protecting your privacy and complying with applicable data protection laws, including the European Union's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), as amended by the CPRA.

By using BrewNotes, you agree to the practices described in this policy. If you do not agree, please do not use the Service.

## Information We Collect

We collect only the information necessary to operate and improve BrewNotes.

**Information you provide to us:**
- **Account information:** Your email address when you sign up for a free account.
- **Profile and content:** Tasting notes, ratings, coffee details, and any other content you choose to log in the app.
- **Payment information:** If you subscribe to a paid plan, billing details are collected and processed directly by Stripe. We do not store your full payment card information on our servers.
- **Communications:** Any messages or support requests you send to us.

**Information collected automatically:**
- **Usage data:** Pages visited, features used, session duration, and referring URLs.
- **Device and log data:** IP address, browser type, operating system, and timestamps.
- **Cookies and analytics identifiers:** See the "Cookies and Tracking" section below.

## How We Use Information

We use the information we collect to:
- Create and maintain your account.
- Provide, operate, and improve the Service.
- Process subscription payments via Stripe.
- Send transactional emails (e.g., password resets, receipts, service notices).
- Analyze usage patterns to understand and improve the Service.
- Detect, prevent, and respond to fraud, abuse, and security incidents.
- Comply with legal obligations.

**Legal bases (GDPR):** Where the GDPR applies, we rely on the following legal bases:
- **Contract:** To provide the Service you signed up for.
- **Legitimate interests:** To improve and secure the Service.
- **Consent:** For non-essential cookies and analytics where required.
- **Legal obligation:** To meet regulatory or tax requirements.

## Cookies and Tracking

BrewNotes uses cookies and similar technologies to keep you signed in, remember preferences, and measure usage.

- **Essential cookies:** Required for core functionality (e.g., authentication).
- **Analytics cookies:** We use Google Analytics to understand how visitors use the Service. Google Analytics may set cookies that collect anonymized usage data.
- **Payment cookies:** Stripe may set cookies during checkout to prevent fraud.

You can manage cookies through your browser settings. Where required by law (e.g., in the EU/UK), we request your consent before setting non-essential cookies through our cookie banner.

To opt out of Google Analytics, you can install the [Google Analytics Opt-Out Browser Add-on](https://tools.google.com/dlpage/gaoptout).

## Third-Party Services

We work with trusted third parties that help us operate the Service. These providers only process data on our behalf and under appropriate safeguards:

- **Amazon Web Services (AWS):** Hosting and data storage (United States).
- **Google Analytics:** Website and product analytics.
- **Stripe:** Payment processing for paid subscriptions.
- **[Email Service Provider]:** Transactional email delivery.

Each provider has its own privacy policy, which we encourage you to review.

## Data Sharing

We do **not** sell your personal information.

We share information only in these limited cases:
- **With service providers** listed above, under contracts that restrict how they use your data.
- **For legal reasons**, such as complying with a subpoena, court order, or other legal process, or to protect rights, property, or safety.
- **Business transfers:** If BrewNotes is involved in a merger, acquisition, or asset sale, your information may be transferred, and we will notify you of any change.

Under the CCPA, California residents have the right to know that we have not sold or "shared" (as defined under the CPRA) personal information in the past 12 months.

## Data Retention

We keep personal information only as long as needed for the purposes described in this policy:
- **Account data:** Retained while your account is active.
- **Tasting notes and content:** Retained until you delete them or close your account.
- **Payment records:** Retained for [Retention Period] to comply with tax and accounting obligations.
- **Analytics data:** Retained according to Google Analytics' default retention settings ([Retention Period]).

When you delete your account, we will delete or anonymize your personal data within a reasonable period, except where retention is required by law.

## User Rights (GDPR and CCPA)

Depending on where you live, you may have the following rights:

**If you are in the European Economic Area or the UK (GDPR):**
- Access the personal data we hold about you.
- Request correction of inaccurate data.
- Request deletion ("right to be forgotten").
- Restrict or object to processing.
- Data portability.
- Withdraw consent at any time.
- Lodge a complaint with your local data protection authority.

**If you are a California resident (CCPA/CPRA):**
- Right to know what categories of personal information we collect and how we use it.
- Right to request access to or deletion of your personal information.
- Right to correct inaccurate information.
- Right to opt out of the "sale" or "sharing" of personal information (note: we do not sell your data).
- Right to limit the use of sensitive personal information.
- Right to non-discrimination for exercising your rights.

To exercise any of these rights, email us at **privacy@brewnotes.app**. We will verify your request and respond within the timeframes required by law. You may also authorize an agent to submit a request on your behalf.

## Children's Privacy

Br

## Introduction

This Privacy Policy explains how BrewNotes ("BrewNotes," "we," "us," or "our") collects, uses, shares, and protects personal information when you use our website and web app at brewnotes.app (the "Service").

BrewNotes is a free web app that allows coffee enthusiasts to log and manage tasting notes. We also offer paid subscriptions processed through Stripe.

This policy is intended to help users understand what information we collect, why we collect it, and what choices and rights users may have under applicable privacy laws, including the General Data Protection Regulation ("GDPR"), the California Consumer Privacy Act as amended by the California Privacy Rights Act ("CCPA/CPRA"), and other general privacy best practices.

If you do not agree with this Privacy Policy, please do not use the Service.

**Effective Date:** [Effective Date]  
**Business Name:** BrewNotes  
**Website:** brewnotes.app

## Information We Collect

We may collect the following categories of information:

### Information You Provide Directly
- **Account information:** email address used to sign up for BrewNotes.
- **User content:** tasting notes, logs, preferences, and other content you choose to enter into the Service.
- **Payment-related information:** if you purchase a paid subscription, payment processing is handled by Stripe. We may receive limited billing information such as subscription status, payment confirmation, and related transaction metadata, but we do not store full payment card details on our own servers.
- **Communications:** information you provide when you contact us at privacy@brewnotes.app or otherwise communicate with us.

### Information Collected Automatically
- **Usage data:** information about how you interact with the Service, such as pages viewed, session activity, features used, approximate location derived from IP address, browser type, device type, operating system, referral URLs, and timestamps.
- **Device and log data:** IP address, browser settings, device identifiers, crash data, and similar technical information.
- **Cookie and analytics data:** information collected through cookies and similar technologies, including through Google Analytics.

### Information from Third Parties
- **Stripe:** subscription and transaction-related information needed to manage billing and paid access.
- **Google Analytics:** aggregated and pseudonymous analytics information about website and app usage.

## How We Use Information

We use personal information for the following purposes:

- To create and manage user accounts.
- To provide the BrewNotes Service and its features.
- To store and display your tasting notes and related user content.
- To process and manage paid subscriptions through Stripe.
- To analyze usage, improve functionality, and better understand how users interact with the Service.
- To communicate with you about your account, subscriptions, support requests, updates, security issues, and administrative matters.
- To maintain the security, integrity, and availability of the Service.
- To detect, prevent, and address fraud, abuse, unauthorized access, or other harmful activity.
- To comply with legal obligations and enforce our terms, policies, and applicable agreements.

### Legal Bases for Processing Under GDPR
If you are in the European Economic Area, United Kingdom, or another jurisdiction with similar requirements, we process personal data under one or more of the following legal bases:

- **Contract:** to provide the Service you request, including account creation and subscription management.
- **Legitimate interests:** to secure, maintain, improve, and analyze our Service, provided those interests are not overridden by your rights.
- **Consent:** where required, such as for certain cookies or optional communications.
- **Legal obligation:** where processing is necessary to comply with applicable laws.

## Cookies and Tracking

We use cookies and similar technologies to operate and improve the Service.

These may include:
- **Essential cookies:** necessary for the website or app to function, such as authentication and security-related cookies.
- **Analytics cookies:** used to understand how users interact with the Service, including through Google Analytics.
- **Preference cookies:** used to remember settings or preferences, where applicable.

You can usually control cookies through your browser settings. Depending on your location, you may also be presented with a cookie banner or consent tool to manage non-essential cookies.

Google Analytics may collect information such as IP address, device information, and browsing behavior. You can learn more about how Google uses data here: [Insert Google Analytics Privacy Link].

## Third-Party Services

We use third-party service providers to operate the Service and support our business. These may include:

- **Google Analytics:** for website and app analytics.
- **Stripe:** for payment processing, subscription billing, and related transaction management.
- **Amazon Web Services (AWS):** for hosting, storage, and infrastructure. Our data is stored on AWS servers located in the United States.

These third parties may process personal information on our behalf or as independent controllers, depending on the service provided. Their handling of personal information is governed by their own privacy notices and contractual terms where applicable.

We encourage users to review the privacy policies of these third parties:
- Google: [Insert Google Privacy Policy Link]
- Stripe: [Insert Stripe Privacy Policy Link]
- AWS: [Insert AWS Privacy Link]

## Data Sharing

We do not sell personal information for money. We also do not share personal information for cross-context behavioral advertising unless otherwise stated in an updated policy.

We may share personal information in the following circumstances:

- **Service providers:** with vendors and processors who help us operate the Service, including hosting, analytics, payment processing, customer support, and security providers.
- **Legal compliance:** when required by law, subpoena, court order, or other lawful request.
- **Protection of rights:** where necessary to protect the rights, property, or safety of BrewNotes, our users, or others.
- **Business transfers:** in connection with a merger, acquisition, financing, reorganization, sale of assets, or similar business transaction.
- **With your direction:** where you request or authorize us to share information.

For California residents, we disclose the categories of personal information described above for business purposes to service providers and contractors.

## Data Retention

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Service, maintain business records, comply with legal obligations, resolve disputes, and enforce agreements.

Examples may include:
- **Account information:** retained while your account remains active and for a reasonable period afterward.
- **User content:** retained until you delete it, delete your account, or as otherwise needed for legitimate business or legal reasons.
- **Transaction and billing records:** retained as necessary for accounting, tax, fraud prevention, and legal compliance.
- **Analytics and technical logs:** retained for a limited period based on operational needs and applicable requirements.

Specific retention periods: [Insert Data Retention Schedule, if available].

## User Rights (GDPR/CCPA)

Depending on where you live, you may have privacy rights regarding your personal information.

### GDPR and Similar Jurisdictions
If GDPR or similar laws apply, you may have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate or incomplete data.
- Request deletion of your personal data.
- Object to or restrict certain processing.
- Request data portability.
- Withdraw consent where processing is based on consent.
- Lodge a complaint with your local data protection authority.

### California Privacy Rights
If you are a California resident, you may have the right to:
- Know what personal information we collect, use, disclose, and retain.
- Request access to specific pieces of personal information.
- Request deletion of personal information, subject to exceptions.
- Request correction of inaccurate personal information.
- Know whether we sell or share personal information.
- Opt out of the sale or sharing of personal information, if applicable.
- Limit the use of sensitive personal information, if applicable.
- Not be discriminated against for exercising your privacy rights.

To exercise any of these rights, please contact us at **privacy@brewnotes.app**.

We may need to verify your identity before processing your request. You may also designate an authorized agent where permitted by law. California residents may also include “[CCPA Request]” in the subject line.

## Children's Privacy

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

If you believe a child has provided personal information to us, please contact us at privacy@brewnotes.app. If we learn that we have collected personal information from a child in violation of applicable law, we will take steps to delete that information.

If a different minimum age applies in your jurisdiction, we will comply with applicable local law.

## International Transfers

BrewNotes is based in [Company Location], and we use service providers, including AWS, that store and process data in the United States.

Because we have users in the European Union and other regions, your personal information may be transferred to, stored in, and processed in countries other than your own, including the United States, where privacy laws may differ.

Where required by law, we take appropriate steps to safeguard international transfers, such as using contractual protections like Standard Contractual Clauses or relying on other approved legal mechanisms.

For more information about international transfers, contact us at privacy@brewnotes.app.

## Security

We use reasonable administrative, technical, and organizational measures to protect personal information against unauthorized access, loss, misuse, disclosure, alteration, and destruction.

However, no method of transmission over the internet or method of electronic storage is completely secure. As a result, we cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your account credentials and for notifying us promptly of any unauthorized account activity.

## Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or business operations.

When we make changes, we will update the **Effective Date** at the top of this policy. If required by law, we will provide additional notice or obtain consent.

Your continued use of the Service after any updated Privacy Policy becomes effective means you acknowledge

Of course. Here is a privacy policy for BrewNotes, drafted according to your specifications.

***

# Privacy Policy for BrewNotes

**Effective Date:** [Effective Date]

This Privacy Policy describes how BrewNotes ("we," "us," or "our") collects, uses, and shares information about you when you use our web application at brewnotes.app (the "Service"). We are committed to protecting your privacy and handling your data in an open and transparent manner.

This policy is designed to comply with major privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

## Introduction

Welcome to BrewNotes! Our mission is to provide a simple and enjoyable platform for coffee enthusiasts to log and remember their coffee tasting experiences. This policy explains what personal information we collect,